generic_javascript_obfuscation5 in www.lisboa.pt

On 2020-05-12T14:59:18.983416+00:00 we found pattern generic_javascript_obfuscation5, type: Suspicious, (JavaScript obfuscation is frequently used to hide malicious code (or with hope to protect intellectual property)) in the page https://www.lisboa.pt/typo3conf/ext/boo… referenced from https://lisboa.pt/ .

Code sample:

b'["layout","cookie.expiryDays","content.header","content.message","content.dismiss","content.allow","content.deny","content.link","content.href","type","\xc2\xa6\xc2\x8b"\xc2\xb6*\'","law.countryCode","law.regionalLaw","revokable","static","\xc2\x96\xc2\x87\x1a\xc2\xb6*\'"],n={updateCookieConsentOptions:function(e,t,n){for(stack=t.split(".");1<stack.length;)key=stack.shift(),e=e[key];e[stack.shift()]=n}};for(settings=document.querySelectorAll("[data-cookieconsent-setting]"),i=0;i<settings.length;++i)setting=settings[i].dataset.cookieconsentSetting,'

This feature is experimental so please feel free to contact us if you feel any of the reported issues is a false positive or you want to suggest a pattern that should be detected (we are using Yara standard).